Principal Analyst

Job Description

If you have a strong background in analysis and are looking to be at the forefront of technical threat intelligence tracking, then we want to hear from you! The successful candidate should be an independent, critical thinker skilled in using data to solve analytic problems and adept in satisfying intelligence requirements under tight deadlines. The analyst’s work will inform a range of tactical and strategic decisions and should equip audiences with actionable assessments.

Responsibilities:

• Locate vector of infection/breach and help determine the extent of the compromise, attributes of any malware and possible data ex-filtrated
• Develop, document, and manage containment strategy
• Maintain current knowledge of tools and best-practices in advanced persistent threats; tools, techniques, and procedures (TTPs) of attackers; and forensics and incident response
• Identify and hunt for related TTPs across all internal/external repositories
• Correlate collected intelligence, to build upon a larger knowledge base of tracked threat activity
• Present tactical and strategic intelligence about threat groups, the methodologies they use and the motivations behind their activity
• Write finished intelligence at the technical and strategic levels
• Convey both verbally and in writing the importance of findings for a variety of audiences
• Prepare and deliver briefings and reports to the client’s executives, security team or fellow analysts
• Ability to work with little direct oversight

Qualifications

• 5 + years of experience in an analytical role of either network forensics analyst, Threat Analyst or security engineer/ consultant
• 5 + years of experience in Investigative or Incident Response environments
• Expertise in analysis of TCP/IP network communication protocols
• Experience with Python or other scripting language in an incident handling environment
• Experience in evaluating forensic reports of electronic media, packet capture, log data, and network devices in support of intrusion analysis or enterprise level information security operations
• Excellent knowledge of security solutions and technologies, including: Windows, Linux, Network architecture / implementation / configuration
• Experience conducting analysis of packet flow/TCP/UDP traffic, Firewall technologies, proxy technologies, anti-virus, spam and spyware solutions (Gateway and SaaS)

AdditionalQualifications:

• Exceptional written communication skills
• System administration experience with enterprise email systems, highly desired
• Master’s or other professional degree preferred
• Malware/security experience and experience with FireEye products, highly desired
• Excellent communication and presentation skills with the ability to present to a variety of internal audiences including senior executives
• Proven track record of successfully managing and executing on short term and long term projects
• Strong leadership skills with the ability to prioritize and execute in a methodical and disciplined manner
• Ability to set and manage expectations with senior stake-holders and team members
• Demonstrated ability to manage customer relationships

Additional Information